
Flimkit Exploit Kit

Posted: July 3, 2013

Threat Metric

Threat Level: 2/10
Infected PCs: 78
First Seen: July 3, 2013
OS(es) Affected: Windows

The Flimkit Exploit Kit is a Web-based PC threat that launches drive-by-downloads, or attacks that install malicious software onto your computer automatically. While the Flimkit Exploit Kit may be set up to deliver various types of malware, current Flimkit Exploit Kit payloads include ransomware Trojans, which lock your computer, display misleading warning messages and (usually) request a ransom fee to restore your computer to normal. Sites compromised with redirects to the Flimkit Exploit Kit do not necessarily show any visible signs of the attack, and SpywareRemove.com malware analysts endorse using anti-malware software both for blocking these drive-by-downloads and deleting any PC threats installed by the Flimkit Exploit Kit.

How One Bad Advertisement Can Turn into Multiple Infections for Your PC

The Flimkit Exploit Kit uses many code, payload management and delivery methods that are similar to those of the Glazunov and Sibhost Exploit Kits, but also has some interesting characteristics of its own. Current Flimkit Exploit Kit attacks, which are reported to be on the rise, appear to be making use of malicious Flash content and advertisements that are distributed on poorly-secured ad networks. Rather than requiring victims to expose themselves to hostile or hacked sites, therefore, the Flimkit Exploit Kit takes the circuitous route of simply requiring that victims load a site that includes advertisements from an advertising network used by the Flimkit Exploit Kit's malware authors.

Another trait that sets the Flimkit Exploit Kit apart from the other two of these three very similar EKs is that the Flimkit Exploit Kit is designed to install two separate payloads, albeit from a single Java Archive file. Vulnerable PCs exposed to ads that redirect to the Flimkit Exploit Kit can thus find themselves infected with not just one but two different PC threats. Current payloads for the Flimkit Exploit Kit are various types of ransomware (a la Survey Warning Ransomware or the Policia Nacional de Uruguay Virus), though SpywareRemove.com malware experts must warn that the Flimkit Exploit Kit easily can be instructed to install different types of malware.

Keeping the Flimkit Exploit Kit from Flimflamming You

Although the Flimkit Exploit Kit does employ some code obfuscation techniques to defend itself from being detected, adequately competent anti-malware products should be able to detect the Flimkit Exploit Kit (as well as its landing page, Mal/ExpJS-BJ). Besides the ever-present need for good anti-malware software, you also may defend your PC against the Flimkit Exploit Kit by disabling Java, which is an essential part of the Flimkit Exploit Kit's drive-by-download attacks, and by keeping your software updated to minimize exploitable vulnerabilities.

Ransomware-based PC threats like those installed by a Flimkit Exploit Kit's attacks often are characterized by attempts to portray themselves as warning messages from the FBI, copyright enforcement organizations and/or various branches of your country's police force. While they usually attempt to hold your operating system hostage in exchange for a ransom, SpywareRemove.com malware researchers have never found any case of such PC threats that can't be remedied most easily with appropriate security software.

Technical Details

Additional Information

The following URLs were detected:
renewals-center-wno1.store